SELinux context
Definition
An SELinux context is the set of security attributes (a label) assigned to files, processes, and other system objects on a Linux system running Security-Enhanced Linux (SELinux). The loaded SELinux policy uses these contexts to make access-control decisions, specifying which subjects (e.g., users or processes) can access which objects (e.g., files or ports) and under what conditions. The context is composed of four main components: user, role, type, and level, written as user:role:type:level, which together enforce mandatory access control (MAC) policies.
Secure Settings Example
# Set the SELinux context for a web server directory to allow HTTPD access
semanage fcontext -a -t httpd_sys_content_t "/var/www/html(/.*)?"
restorecon -Rv /var/www/html
Insecure Settings Example
# Incorrectly setting a directory to a generic context, potentially allowing unauthorized access
semanage fcontext -a -t default_t "/var/www/html(/.*)?"
restorecon -Rv /var/www/html
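The two settings above differ only in the type field of the context, so a label audit has to split the four components correctly before comparing types. The following is an added example, not part of the original page: the helper names split_context and audit_labels are hypothetical, and the contexts and paths in SAMPLE are constructed.

```shell
#!/bin/sh
# Added example: audit file labels against an expected SELinux type.
# Input lines are "context path", the shape `stat -c '%C %n' FILE...` prints.

# split_context CONTEXT (hypothetical helper)
# Sets ctx_user, ctx_role, ctx_type, ctx_level; returns 1 if malformed.
# Only the first three colons separate fields: an MLS/MCS level such as
# s0:c0.c1023 contains colons itself.
split_context() {
    case $1 in *:*:*) ;; *) return 1 ;; esac
    ctx_user=${1%%:*};     rest=${1#*:}
    ctx_role=${rest%%:*};  rest=${rest#*:}
    case $rest in
        *:*) ctx_type=${rest%%:*}; ctx_level=${rest#*:} ;;
        *)   ctx_type=$rest;       ctx_level=- ;;  # policy without levels
    esac
    printf '%s %s %s %s\n' "$ctx_user" "$ctx_role" "$ctx_type" "$ctx_level"
}

# audit_labels EXPECTED_TYPE (hypothetical helper), reads stdin.
# Prints "path type" for every mismatch; returns 1 if any was found.
audit_labels() {
    expected=$1; bad=0
    while read -r ctx path; do
        [ -n "$ctx" ] || continue
        if ! split_context "$ctx" >/dev/null; then
            echo "$path MALFORMED"; bad=1; continue
        fi
        [ "$ctx_type" = "$expected" ] || { echo "$path $ctx_type"; bad=1; }
    done
    return "$bad"
}

# Constructed sample: one correct label, one generic default_t label, and
# one correct label carrying MCS categories in the level field.
SAMPLE='system_u:object_r:httpd_sys_content_t:s0 /var/www/html/index.html
unconfined_u:object_r:default_t:s0 /var/www/html/report.html
system_u:object_r:httpd_sys_content_t:s0:c0.c1023 /var/www/html/app/config.php'

printf '%s\n' "$SAMPLE" | audit_labels httpd_sys_content_t ||
    echo "mismatched labels found"
```

On a live system the same input can be produced with find /var/www/html -exec stat -c '%C %n' {} + and piped into audit_labels.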